Skip to content

Privacy Policy

Last updated: March 16, 2026

1. Introduction

This Privacy Policy explains how NEKAPP ("we", "us", or "our") collects, uses, stores, and protects personal data when you use our platform at nekapp.properties and related services.

We are committed to protecting your privacy and processing your personal data in accordance with the Law on Personal Data Protection of the Republic of Serbia ("ZZPL") and the principles of the EU General Data Protection Regulation (GDPR).

2. Data Controller

The data controller responsible for processing your personal data is NEKAPP, reachable at:

3. Data We Collect

Information you provide directly:

  • Contact information: name, email address, phone number
  • Company information: agency name, team size
  • Account credentials: email address and password
  • Communications: messages submitted through the demo request form

Information collected automatically:

  • Browser type, operating system, and device information
  • IP address and approximate geographic location
  • Cookie data and usage analytics (see Section 6)

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract performance: processing necessary to provide the Service under our Terms of Service
  • Legitimate interest: improving and securing our Service, fraud prevention, and business analytics
  • Consent: for optional cookies and marketing communications, which you can withdraw at any time
  • Legal obligation: where processing is required to comply with applicable laws and regulations

5. How We Use Your Data

  • To provide, maintain, and improve the NEKAPP platform
  • To process demo requests and communicate with you about the Service
  • To send transactional emails related to your account (via Resend)
  • To monitor and analyze usage patterns for service improvement
  • To comply with legal obligations, including regulatory reporting

6. Cookies

Our website uses cookies grouped into the following categories:

  • Necessary cookies: essential for the website to function properly (e.g., session management, CSRF protection). These cannot be disabled.
  • Functional cookies: enable enhanced features such as language preferences and theme settings. These are optional.
  • Marketing cookies: used to measure campaign effectiveness and display relevant content. These are optional.

You can manage your cookie preferences at any time through the cookie settings accessible in our website footer.

7. Data Sharing and Third Parties

We do not sell your personal data. We may share data with the following categories of third parties:

  • Service providers: hosting infrastructure, email delivery (Resend), and analytics tools that help us operate the Service
  • Legal authorities: when required by law, court order, or to protect our legal rights
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction

All third-party service providers are contractually obligated to protect your data and process it only for the specified purposes.

8. Data Retention

We retain your personal data for as long as your subscription is active and for a reasonable period thereafter to fulfill legal obligations, resolve disputes, and enforce our agreements.

Demo request data is retained for up to 12 months from submission. Upon subscription termination, your account data is retained for 30 days to allow data export, after which it is permanently deleted.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, access controls, regular security assessments, and secure backup procedures.

10. Your Rights

Under applicable data protection laws, you have the following rights:

  • Right of access: request a copy of the personal data we hold about you
  • Right to rectification: request correction of inaccurate or incomplete data
  • Right to erasure: request deletion of your personal data under certain circumstances
  • Right to restrict processing: request limitation of how we process your data
  • Right to data portability: receive your data in a structured, commonly used format
  • Right to object: object to processing based on legitimate interests or for direct marketing

To exercise any of these rights, please contact us using the form below. We will respond to your request within 30 days.

11. International Data Transfers

Your data is primarily processed and stored within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the Service. The date of the last update is indicated at the top of this page.

13. Contact

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

Contact Us

Send us a message and we'll get back to you as soon as possible.